RE: ISA Design Question: Best Practice

• From: "Quillman Shawn (RBNA/CIT1.1) *" <Shawn.Quillman@xxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 28 May 2003 07:11:38 -0500

If you have extra public IP's, create a segregated vlan that is part of the
subnet the outside of your firewall.  'Course they'd have to provide their
own virus protection, but that's not really your problem since they wouldn't
be on your network.  From your point of view it'd be no different than if
they were at their office, unless you allow all kinds of incoming traffic
for that subnet.
 
-Shawn

----- 
Shawn R. Quillman 
Robert Bosch Corporation RBNA/CIT1.1 
38000 Hills Tech Drive 
Farmington Hills, MI  48331 
(248) 553-1164 (P)     (248) 848-2855 (F) 
shawn.quillman@xxxxxxxxxxxx 

-----Original Message-----
From: David V. Dellanno [mailto:ddellanno@xxxxxxxxxx]
Sent: Wednesday, May 28, 2003 6:50 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA Design Question: Best Practice


http://www.ISAserver.org

http://www.ISAserver.org


Hi everyone,
   What is the best way to provide only internet access to your corporate
guest or contractors in your small but highly-secure single forest, single
domain 20-50 user environment, with no manual configurations needed by the
local administrator and no extra cabling or hardware?  
 
Example;  Your company will be inviting in 10 minutes, five slimy sales guys
that require to have internet access for their presentation but you do not
want them to be nosey and snooping around your network.   
 
Example; Your company has a development lab that periodically will allow
contractors to work in, but the contractors brings in their own laptops to
work on and they need to have internet access to read their mail, again you
don't want the contractors to have access to your development visual source
safe nor snooping around your network but your chief developer is breathing
down your neck to give the contractors what they need in 30 minutes.''
 
I know this sounds a bit exaggerated but I wanted to know if there is a way
for the contractors or slimy sales guys dhcp clients, to be separated
virtually off the corporate network with no interaction from the local
administrator?  Can ISA control this or is this as simple as getting a VLAN
switch? 
 
  _____  

David V. Dellanno - MCSE, MCP+I, MCP
MSDEMO Consultants
Williams Place
2564 Bridgewood Lane
Snellville, Georgia 30078 USA
(770) 736-8794 (Office)
 <http://msdemo.net/> msdemo.net
 






 



Confidentiality Notice:
This e-mail message, including any attachments, is for the sole use of the
intended recipient(s) and may contain confidential and privileged
information. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please contact the sender
by reply e-mail and destroy all copies of the original message.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

Attachment: MCSE-RGB 112x53.GIF
Description: GIF image

Attachment: MCP+I-RGB 112x62.GIF
Description: GIF image

Attachment: MCP-RGB 112x51.GIF
Description: GIF image

Other related posts:

• » ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » Re: ISA Design Question: Best Practice
• » Re: ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » Re: ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » RE: ISA Design Question: Best Practice
• » Re: ISA Design Question: Best Practice
• » Re: ISA Design Question: Best Practice

1. Home
2. isalist
3. Archive
4. 05-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---